Post on 21-Sep-2020
JACKSONVILLE TRANSPORTATION AUTHORITYThe Role of Cyber Security in Safety
Kevin Holzendorf
Jacksonville Transportation Authority
Safety Culture
▪ Proactive approach to safety▪ Identify risky behavior▪ Provide mentoring▪ Internal audits▪ Safety committees▪ Review policies and procedures
Safety Performance Objectives
FY17 OCT 1.00 1.32 1.32
FY17 NOV 1.00 0.87 1.09
FY17 DEC 1.00 1.21 1.13
FY17 JAN 1.00 0.98 1.09
FY17 FEB 1.00 0.59 0.99
FY17 MAR 1.00 1.31 1.05
FY17 APR 1.00 1.08 1.05
FY17 MAY 1.00 1.43 1.10
FY17 JUN 1.00 0.79 1.06
FY Month Target MTD YTD
JACKSONVILLE TRANSPORTATION AUTHORITY
Cyber Security
▪ Endangerment of public or employee safety▪ Impact on regional/national security▪ Loss of public confidence▪ Violation of regulatory requirements▪ Loss of proprietary or confidential information▪ Economic loss
Cyber Security is the protecting of systems and data from attacks, damage or unauthorized access
Cyber Security = Risk Management
What’s at Risk if we fail?▪ Public or employee safety▪ Public confidence▪ Regulatory violation▪ Proprietary or confidential info▪ Economic loss▪ Regional/national security
Presentation Title
Your Title
Cyber Breach Probability
2015 Data Breaches by Industry Sector
Source: Verizon 2016 Data Breach Investigations Report
Less than 0.7% of all reported breaches occurred in the
Transportation Sector
JACKSONVILLE TRANSPORTATION AUTHORITY
Your Title
Why do anything?
What Technology is Vulnerable?
InformationTechnology
OperationalTechnology
JACKSONVILLE TRANSPORTATION AUTHORITY
Transportation Operations Systems
Adapted from the National Academy of Sciences, “Protection of Transportation Infrastructure from Cyber Attacks: A Primer”
TYPE CATEGORY HIGHWAYS TRANSITOperational Technology (OT) Control Systems Advanced Traffic Management System
(ATMS)Train Control System
Bus Control System
SCADA Road/Weather Systems Traction Power
Traffic Monitoring and Surveillance Emergency Ventilation System
RR Crossings Monitoring (Pumps, Alarms)
GPS
Signaling Highway Signals Train Signals
Signal Priority Systems
Communications Advance Traveler Information System (ATIS)
Communications
DSRC
Fare Collection Systems
Electronic Toll Collection (ETC) Entry/Exit Gates
Ticket Vending Machines, Fare Boxes, Fare Validators, Ticket Encoding
HVAC/Building Management
HVAC HVAC Systems
Tunnel Ventilation "People Movers"
Information Technology (IT) Enterprise systems: Finance, HR, Productivity, Archives
Driver, Vehicle and Crash systems Asset Management
Asset Management BYOD
BYOD
Design, Construction CADD, Electronic Bidding Track Inspection
Typical IT & OT systems
JACKSONVILLE TRANSPORTATION AUTHORITY
Your Title
Who is breaching our Systems?
~85% of data breaches are External
Percent of Breaches by Threat
~15% are Internal
Source: Verizon 2016 Data Breach Investigations Report
Your Title
How are they getting in?
Source: Verizon 2016 Data Breach Investigations Report
10%
16%
6%
26%6%
36%
Transportation Cyber Incidents by Pattern
Crimeware
Espionage
Misc Errors
Denial of Service
Privilege Misuse
Web Apps
What about the Transportation Sector?
Source: Verizon 2016 Data Breach Investigations Report
Threat Landscape Recap
▪ External Threats are almost 6x more likely than Internal▪ Hacking, Malware, and Social Engineering are the primary
methods to breach an environment▪ Primary incident scenarios in the Transportation Sector are:
▪ Hacking into our Web Applications▪ Denial of Service attacks▪ State Actors committing acts of Espionage
Since time and resources are limited, our initial Cyber Strategy efforts should focus on the top 3 first
Network Security Best Practices
Internal Vulnerability Scanning
External Vulnerability ScanningExternal Penetration Testing
At a minimum…
Policy & Procedure
Intrusion Detection/Prevention
System Hardening
Firewall Protection
Email Scanning/Spam Filtering
Web Content Filtering
Anti-virus/Anti-malware
Patch Management
Summary
Is your agency secure?
Don’t know?
APTA TranslTech Conference
Join us in Jacksonville – April 9-11, 2018